VPN network Theory (Gargoyle)

[pkkrusty]

Will give it a try. Thanks.

[pkkrusty]

Getting around to trying this. Updated to 1.15.x, and now none of my plugins are showing up in the gui. It still shows them as being installed, but when I click uninstall, nothing happens.

Also the last version of OpenVPN plugin says 1.13.0-2, not 1.15 like most of the others. Is that correct?

[Lantis]

No sir.
Where you downloaded 1.15.x from there will be links to add the appropriate plugin repositories in.
All plugins will then show up with appropriate versions.

If you are still seeing plugins from an old install showing, did you keep settings? Or, you're using Extroot?
Either one should be reset.

[pkkrusty]

Got it. Had added your repository, but tried to keep settings, and the plugins were stored on a USB drive. A clean install seems to have worked.

[pkkrusty]

Still having the same problem as before, where I can connect to the VPN successfully, but cannot access other clients on the lan. I can access the IP address of the router (on the lan subnet). I've tried with and without vpn_gateway option.

Of note, ispysail showed a screenshot of his static routes after he made the adjustment in the ccd file, I do not have a line that matches his highlighted one

What file do i edit to add a route manually like he did? Adding via the gui does not let me select tun0 as an interface

[ispyisail]

I haven't read your full post but the openVPN is working perfect on the lasted version and no command line edits are necessay now.

Can you post some screen shots of your problem areas

[pkkrusty]

My gargoyle router is acting as a switch, so DHCP server is off, and it is not the primary router. It has IP 192.168.1.41, and tunnel subnet is 10.8.0.0. Primary router is 192.168.1.1, and outside VPN connections are port forwarded to the gargoyle switch. I'm guessing that is the source of my problems, and I'm not understanding the routing requirements.

Can't attach anything, says "Board attachment quota has been reached". Here's an imgur link for the vpn page

https://imgur.com/a/tKhG5i3

and for route page

https://imgur.com/a/FNcDsFl

[ispyisail]

My gargoyle router is acting as a switch, so DHCP server is off

Yeah

I suspect you would need to make custom routing on your dhcp server router

Traffic going out has no idea where to find the VPN server

[ispyisail]

From AI

Navigating the Digital Maze: How Routers Find Your Device, Even When They Don't Know the Way
When you type a website address or access a file on a network, your computer sends out a digital request in the form of a data packet, addressed to a specific IP address. But what happens when the first router your request encounters has no idea where that IP address is located? The answer lies in a fundamental concept of network routing: the default gateway.

In essence, if a router doesn't have a specific entry in its local "map" – its routing table – for the destination IP address, it doesn't simply give up. Instead, it forwards the packet to its designated "router of last resort," known as the default gateway. This is the crucial next step in the journey of your data packet across the vast expanse of the internet or a large private network.

The Local Lookup: The First Stop
Before a data packet even leaves your local network, your device performs a quick check. It compares its own IP address and subnet mask with the destination IP address.

If the destination is on the same local network, your device will use the Address Resolution Protocol (ARP) to find the MAC (Media Access Control) address of the destination device and send the packet directly to it through a local switch.

If the destination is on a different network, your device knows it can't reach it directly. This is where the default gateway, typically your home router or a designated router on a corporate network, comes into play. Your device sends the packet to the MAC address of its configured default gateway.

The Router's Dilemma: "I Don't Know This Address"
Upon receiving the packet, the first router examines the destination IP address in the packet's header. It then consults its own internal routing table. This table is a list of known networks and the "next hop" or interface to use to reach them.

There are two possibilities:

A Specific Route Exists: If the router's table has an entry for the network of the destination IP address, it will forward the packet to the specified next-hop router or out of the appropriate interface.

No Specific Route is Found: This is the core of the user's question. If the router's routing table does not contain a specific path to the destination network, it will utilize its default route. This default route is a pre-configured instruction that essentially says, "If I don't have a specific path for this destination, send it to my default gateway."

The Chain of Routers: A Packet's Journey
The process then becomes a chain of forwarding decisions. The first router sends the packet to its default gateway. This second router, upon receiving the packet, repeats the exact same process:

It inspects the destination IP address.

It checks its own routing table for a specific route.

If a specific route is found, it forwards the packet accordingly.

If not, it forwards the packet to its own default gateway.

This hop-by-hop process continues across the internet or a large network. Each router in the path makes an independent decision based on its own routing table. These tables are constantly being updated through dynamic routing protocols like OSPF (Open Shortest Path First) and BGP (Border Gateway Protocol), which allow routers to share information about network topology and find the most efficient paths.

Think of it like sending a letter through the postal service. Your local post office (the first router) might not know the exact street address in a different country (the destination IP). So, it sends the letter to a regional sorting facility (the default gateway). That facility, in turn, sends it to a national, and then international, sorting facility, each getting the letter progressively closer to its final destination until a local post office in the destination country can deliver it.

This system of using default gateways ensures that data packets can navigate complex and ever-changing networks without each individual router needing to know the path to every single IP address in the world. It's a scalable and resilient system that forms the backbone of modern digital communication.

[pkkrusty]

Got it! Needed a static route on my main router forwarding 10.8.0.0 traffic to the gargoyle router on 192.168.1.41. After a restart, it worked. Thanks for the help, all!